Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Communications The Internet IT

IPv6 Still Hotly Debated 639

inkslinger77 writes "A significant stumbling block to IPv6 adoption may be IPv4 loyalists who are keen to keep the old protocol in preference to the 'new improved' version, according to a Computerworld Australia article. The article covers the views of Cisco's senior technical leader for IPv6 technologies, Tony Hain and Geoff Huston, a senior Internet research scientist from Asia Pacific Network Information Centre (Apnic)." From the article: "Go to your favourite venture capitalist and say 'I want to be an ISP'. By the time he stops laughing and [finds you want to run] IPv6 - the discussion gets terminated. No one wants to hear this. IPv6 is well ahead of adoption in this market so everyone is deferring. No one is running IPv6, because there is no business case for it ... if we really wanted to leave a legacy to our children we'd review the crap we have today which is pretty ghastly ..."
This discussion has been archived. No new comments can be posted.

IPv6 Still Hotly Debated

Comments Filter:
  • Me too (Score:4, Insightful)

    by Phroggy ( 441 ) * <slashdot3@NOsPaM.phroggy.com> on Thursday November 10, 2005 @12:53PM (#13999320) Homepage
    To be honest, IPv6 never really made sense to me either. I mean, OK, so we're running out of IP addresses and we need more... but as more and more companies are turning to NAT instead of using public IPs behind a firewall for internal services, some IP blocks are being freed up, and it looks to me like there are still a HUGE number of reserved subnets [iana.org] out there.

    But assuming we really do need more IPs, why IPv6? Why 128 bits instead of, say, 64? Why build the functionality of DHCP, which (mostly) works perfectly well* and is extensible enough to support cool stuff that hadn't been thought of when IPv4 and DHCP were invented (e.g. WPAD, netbooting), into IP? What's the deal with including your MAC address as part of your IP address?

    Going with the assumption that the problem really is as bad as people say it is (China has a gazillion people and more of them are getting online, and it'd be great if my refrigerator had a web-based interface I could access remotely without setting up port forwarding or a VPN, etc.)... I'm not convinced that IPv6 is the right solution to the problem. It just seems to be the only solution anyone has offered, and a lot of money has been spent bringing it closer to reality.

    So, convince me: why is IPv6 the right answer to the problem?

    * Off-topic, but can someone explain to me why (at least with ISC dhcpd) I can't assign IPs on two different subnets on the same physical LAN? Can this be done with a different DHCP server? Is there any kind of limitation to the protocol that makes this impossible, or is it just an implementation problem?
    • Re:Me too (Score:3, Informative)

      by mboverload ( 657893 )
      > Why 128 bits instead of, say, 64?

      Exactly what I'm asking. From wikipedia:

      The primary change from IPv4 to IPv6 is the length of network addresses, with IPv6 addresses being 128 bits long (as defined by RFC 2373 and RFC 2374). This corresponds to 32 hexadecimal digits, which are normally used when writing IPv6 addresses. Each hexadecimal digit can take 16 values (see combinatorics), resulting in a total of 1632 (340 undecillion) addresses. IPv6 addresses are usually composed of two logical parts: a

      • Re:Me too (Score:5, Insightful)

        by MightyMartian ( 840721 ) on Thursday November 10, 2005 @01:03PM (#13999451) Journal
        NAT really isn't anything more than a kludge, and despite a lot of work done to make some of the finickier protocols work through it, the point behind IPv6 is to create an address space sufficiently large that we don't have the provisioning problems that are evolving now. Is it overkill? Well, for 2005 there's no doubt. But IP4 was probably massive overkill in 1980. The point here is that these artificial limits we've set (640k, IP4, two-digit years) eventually lead to very big hastles, and if we're going to have to find some new way to enlarge the address space, why not do it right?
        • Re:Me too (Score:2, Funny)

          by mboverload ( 657893 )
          You realize IPv6 has more IP's then there are atoms in the universe, right?
          • "if we're going to have to find some new way to enlarge the address space, why not do it right?"

            "You realize IPv6 has more IP's then there are atoms in the universe, right?"

            Surely if we have more IPs than it is possible to need (unless for some reason you want to give them to individual particles, which I doubt) it's been done right as we'll *never* run out, instead of finding in 2100 we have to do this all over again?
            • Re:Me too (Score:5, Informative)

              by Ancient_Hacker ( 751168 ) on Thursday November 10, 2005 @01:40PM (#13999933)
              Uh, no. The universe has around 10^85 atoms (plus or minus a few orders). 2^128 is approximately 10^38. A much smaller number. About 10^63 times smaller. You can only assign IP addresses to each atom in New Jersey.
          • Re:Me too (Score:5, Interesting)

            by eric76 ( 679787 ) on Thursday November 10, 2005 @01:25PM (#13999739)
            You realize IPv6 has more IP's then there are atoms in the universe, right?

            Just think of all these worms scanning blocks of IP addresses somewhat randomly for vulnerable machines. It's a target rich environment.

            Now imagine that we were using IPv6 instead. With a random approach to scanning, many of those worms would take years before they happened to locate an actual computer.

            Of course, those writing the worms would have to switch to non-random techniques. But someone who is reasonably careful (i.e. didn't use Internet Exploder and Outhouse Express), they could have a system wide open to exploitation without it ever being exploited.

            • Re:Me too (Score:3, Insightful)

              by gclef ( 96311 )
              You know, every time I hear that argument, I want to ask this: yeah, but can your switch/router store that many incomplete arp entries for all the hosts that got scanned but aren't there? I suspect the first time someone really does a big sequential scan of IPv6 space (non-firewalled, like customer DSL or Cable space), you'll see some very unhappy network engineers trying to figure out why their big 6500's are running out of RAM.
              • Re:Me too (Score:3, Informative)

                by Jimmy_B ( 129296 )
                Routers running out of RAM is an IPv4-specific problem, too. With IPv6 the IP address space should be almost completely uniform, so that even a core router can figure out which way a packet goes from only the first few bits of the destination address.
              • Re:Me too (Score:3, Informative)

                by fbjon ( 692006 )
                Simple, don't store incomplete arp entries from sequential scans.
          • Re:Me too (Score:3, Funny)

            by nizo ( 81281 ) *
            Yeah but visitors from parallel universes need IP numbers too.
          • Re:Me too (Score:4, Interesting)

            by lostboy2 ( 194153 ) on Thursday November 10, 2005 @03:36PM (#14001359)
            Just for fun, I did some math:

            If there are 1 trillion people in the world and each of them is assigned 1 trillion new IPv6 addresses every day, it will take over 931 billion years to use up all of the possible addresses.

                    3.4 x 10^38 / (10^12 x 10^12 x 365) = 9.315 x 10^11

            By comparison, the sun might swallow the Earth [nasa.gov] in 4 to 5 billion years.
        • Yes, but the design calls for 64 bit network address space... Reasonable...
          And then it calls for 64 bit host address space. meaning there can be as many computers in your network as there are networks in the world. Convenient, but complete overkill as it lacks the ability to personally manage your host network address space with a memorizable number. Though actually I believe recent versions do allow personal host addressing.. its still overkill.
        • Re:Me too (Score:4, Insightful)

          by exaviger ( 928938 ) <nathantal@g[ ]l.com ['mai' in gap]> on Thursday November 10, 2005 @01:21PM (#13999694)
          Nicely put, just to stengthen your point - a little historical snippet "In the early days of mainframe computing, resources were at a premium. Memory was expensive, disk storage was limited and input devices constrained. Every programming method was used that made efficient use of each component. One of the methods used was to truncate the year value to a two digit number for entry, storage and processing. This saved space and saved on the associated cost of storage and processing. After all, why enter and store the century portion of the date when it will always be 19? Right? It would be decades before the year 2000. By then, all the programs and hardware being used would be obsolete and replaced with newer equipment and programs." Do we not learn from our mistakes? Calling IPv6 overkill is silly, why should we not overkill? Why not make sure that for the next century every electronic device will be able to have its own unique IP address. NAT is all good and well but what about the growing number of mobile devices, what about some services that dont work behind NAT? Who knows what will happen in 5,10,50 years. Soon every single vehicle, vending machine, traffic light and any other electronic device will require and IP address be it public or local. I am all for IPv6!
      • by Pii ( 1955 ) <jedi@nOSpam.lightsaber.org> on Thursday November 10, 2005 @02:49PM (#14000773) Journal
        Overkill is exactly the point.

        The previous poster asked Why 128 bits instead of, say, 64?

        The amount of work required to jump to 64 bit addressing or 128 bit addressing is identical. Since you're going to have to re-write everything anyway, you may as well figure in a ridiculously large address space, because not doing so saves you nothing.

        Additionally, the routing table saving offered cannot be understated. With huge swaths of continguous address space, you can (hypothetically) represent an entire continent as a single aggregated routing entry (The more granular routing information would only be seen locally.), and the number of unique addresses within that range would be virtually inexhaustable.

        Overkill is a good thing when it doesn't cost you anything.

      • Not me too (Score:4, Insightful)

        by mwood ( 25379 ) on Thursday November 10, 2005 @03:16PM (#14001118)
        Is there an echo in here? "We'll never run out of [2^N for any value of N] addresses". Yes we will. There are people who are scheming to put every bloody light switch and kitchen appliance on the Internet. There are people designing applications to run on microscopic hosts that will be scattered like seeds, by the thousands or millions.

        It's 128 bits instead of 64 so we don't have to go through this again in five years.

        Remember, the Internet *core* used to run over 56kb/s lines -- the same speed as those $20 modems that individuals are throwing away by the basketful today because they're unbearably slow for *personal* use. It's *hard* to plan well for that kind of growth. Better to waste a couple of bits than have to waste the whole thing and do it over.
    • Replying to your offtopic....it must be a problem with either the server or your understanding of how to configure it.

      There is nothing in the protocol that says you can't run multiple IP subnets over the same physical wires, and in fact I do it all the time.
      • There is nothing in the protocol that says you can't run multiple IP subnets over the same physical wires, and in fact I do it all the time.

        Just to clarify, I have no trouble running two subnets on the same physical LAN, the problem is using DHCP on both subnets. Let's say we have a "private" subnet and a "public" subnet. I've got a database of known MAC addresses, from which I build dhcpd.conf. If I get a DHCP request from a computer with a known MAC, I want to assign it a static IP address on the "priv
    • Instead of hacking IPmasq'ing to work with P2P protocols, just implement a system where there are enough addresses for everyone's PC, phone, etc.

      As for you ISC DHCP problem, you can assign whatever address blocks you want to. You just need to setup the correct criteria and have a way to recognize it. The easiest way is to assign one block to particular MAC's an a different block to regular boxes.
      • As for you ISC DHCP problem, you can assign whatever address blocks you want to. You just need to setup the correct criteria and have a way to recognize it. The easiest way is to assign one block to particular MAC's an a different block to regular boxes.

        If you mean two different ranges within the same subnet, that's what I eventually wound up doing, but I couldn't get it to work with two different subnets. See my reply here. [slashdot.org]
        • Just assign a secondary IP address to that card. Bind9 should be able to handle multiple addresses per card, as long as they aren't virtual. The problem appears to be how the broadcast packets are received and there really isn't any way to handle that with a virtual card.

          But a secondary address should be able to handle it as the initial request will go to the primary address, an address will the issued, and future updates will be seen on that same card, but via the secondary address.
    • Re:Me too (Score:5, Insightful)

      by cnlohfin3109 ( 758597 ) on Thursday November 10, 2005 @01:06PM (#13999492) Homepage
      IPv6 gives us more then just more address space. The ip is designed heirarchally(sp) which will help _significantly_ with routing, decreasing tables etc. Not to mention not wasting time havening to check checksums all the time... cause there is none! Its silly if we get into the terabit speeds and still wasting so much time just tring to route the ethernet frames, not to mention the sheer processing power required by a router for those speeds.
    • People don't seem to understand that IPV6 isn't the Internet. It's something else that nobody is on and nobody wants on because nobody is there.

      http://cr.yp.to/djbdns/ipv6mess.html [cr.yp.to]

      IPV6 is being led by fools that are convinced that IPV6 is solely "a matter of time". Fact is, they have no transition plan, and until they do, they're going to continue to get laughed at.

      I have recommended on numerous occasions that the simplest solution is to freeze the IANA and require TCP and UDP services publish their ports i
    • It just seems to be the only solution anyone has offered, and a lot of money has been spent bringing it closer to reality.

      So, convince me: why is IPv6 the right answer to the problem?

      It works, it is the only solution anyone has offered that isn't a kludge like NAT (which is problematic to say the very least) and it is probably sufficiently large that we will not run into address shortages unless we develop faster-than-light communications and colonize other planets and/or systems.

      There's no part

    • by schwaang ( 667808 ) on Thursday November 10, 2005 @02:23PM (#14000442)
      What's the deal with including your MAC address as part of your IP address?

      Yeah this looks like a serious privacy issue that most people haven't woken up to yet.

      A MAC address is (usually) a globally unique identifier. How long before someone big builds a database relating MAC to user identity (Microsoft, your ISP, law enforcement, whoever).

      At that point, no matter where you connect your laptop from, your traffic can be identified as yours. Be it for the purpose of advertising, tracing communication, or other data mining.

      So the question is, are we ready and willing to surrender anonymity on the net?
      • by Halo- ( 175936 ) on Thursday November 10, 2005 @03:29PM (#14001292)
        A couple of points:

        1) With a static IP, especially if you have a DNS name to go along with it, you leave just as big of a footprint, if not more. (Since I've only got the one directly addressable IP, I might as well get a name to go with it, right? And then use something like DynDNS? Well, unless I register by proxy, I have to give my name, address, phone, etc...)

        2) MAC address, while theoretically static, can easily be changed in most OSes and hardware. For example, my LinkSys router has an option to "clone MAC address" in the setup. The problem with changing your MAC address is that the prefixes indicate the vendor, and that might get you in trouble with someone who "owns" that prefix. (I doubt it though)

        3) There is nothing preventing you from NAT'ing IPv6, and I suspect some people probably will simply for the quasi-deny-all-in firewall effect. Moreover, if you really want to be anonymous, IPv6 makes it much easier to implement things like "onion routing" because it's a lot easier for individuals to set up persistant servers.

        The point is, you can control the "MAC" portion of the address, and the "public" portion is just as visible (or not) as with IPv4. Hell, you could change your MAC address every coupla minutes for a REALLY long time without ever repeating one if that's what you wanted. (Persistant connections be damned...)

  • by Analise ( 782932 ) * <anaili@@@gmail...com> on Thursday November 10, 2005 @12:56PM (#13999364) Homepage Journal
    Why the emphasis on NAT boxes saving the day? Why do people think they're so wonderful and with them, we don't need no stinkin' ipv6? I mean, yeah, they've been useful and I'm not disputing that, but I'm not sure they were ever intended as anything beyond a stopgap measure until something better could be found. Not to mention that, as I understand it, they actually impede certain methods of communication over the Internet (anything that needs a real end-to-end connection, I think).

    Yes, ipv6 still has a ways to go, but I honestly think it's a much better alternative than sticking with what we've got. We're going to have to do somethinga bout it anyway, since there are plenty of people already starting to use it, or will be in the future.
    • by Daedala ( 819156 ) on Thursday November 10, 2005 @12:57PM (#13999381)
      Sometimes, it's good that NAT impedes some forms of communication. Like, say, exploits.
      • by MightyMartian ( 840721 ) on Thursday November 10, 2005 @01:05PM (#13999485) Journal
        One does not need NAT to lock up vulnerable ports. I have a Linux-based firewall that covers my public IP Windows boxes, and it works fine.
        • If client-based firewalls ar eso great, then why doesn't IBM and Ford and the Fortune 500 have all their PCs connected directly to the web and install personal firewalls? Answer?

          - Having direct connections to the web for each terminal is more expensive than having them all behind the NAT

          - You can't trust your employees to keep a secure environment

          Thus, corperations have no need or desitre to have all their terminals directly connected to the internet. Thus, they don't need IPv6. Thus, the va
          • "- Having direct connections to the web for each terminal is more expensive than having them all behind the NAT"
            They'd all still go through a IPV6 Router replacing the NAT box. So you replace one piece of equipment, but the rest (LAN + computers) is identical.

            "- You can't trust your employees to keep a secure environment"
            Then get one which only admins can configure.
          • No, wrong. (Score:3, Informative)

            by Kadin2048 ( 468275 )
            I beg to differ. I question whether you're serious or a troll, but I'll respond anyway and give you the benefit of the doubt.

            Lots of companies which are big enough to have their own Class-A allocations assign all of their clients globally routable addresses. I can tell you this from personal experience.

            They don't use personal firewalls, obviously, and I have no idea why you think this is related. Using a personal firewall at the client level has nothing to do with IP address allocation or NAT. You can assig
    • Two reasons. (Score:3, Insightful)

      by khasim ( 1285 )
      #1. It allows you to run multiple boxes at home WITHOUT having to pay extra for a "family" connection plan.

      #2. Cheap and easy way to block worms and such.
      • Re:Two reasons. (Score:4, Insightful)

        by Kadin2048 ( 468275 ) <slashdot...kadin@@@xoxy...net> on Thursday November 10, 2005 @02:26PM (#14000473) Homepage Journal
        Neither of these points are really arguments for the current system, if anything they're good arguments against it, and in favor of IPv6.

        #1 is nothing but a direct consecquence of the current shortage of IPv4 addresses. Under IPv6, there'd be no reason why every device on your network couldn't get a separate "real" address. The way they're handed out -- using a hierarchy instead of finite blocks -- would allow your ISP to let your home DHCP router hand out globally addressable IPs if it was set up correctly. Assuming your ISP doesn't suck, that is, and that's really not the fault of the IP system, one way or the other.

        #2 is pretty frightening, because it shows a misunderstanding of what NAT is and a certain amount of laziness about security in general. That said, there's no reason why you couldn't get a 'firewall in a box' that would provide just as much (or as little) security without the NAT facility. It's just that right now when you go and buy a "home firewall" from Linksys, it almost always includes NAT by default (because of point #1, the pressure by ISPs on home users to only have one IP address due to limited supply). There's no reason why this needs to be true, however, and the security comes from the firewall effect and not the address translation itself.
    • A few advantages of NAT over IPV6 in a 'business' setting:
      1) Most default NAT configs will actually prevent internal networks from the trivial overflows that just scan IP address blocks.
      2) Most default NAT configs will work with existing or very inexpensive gear, meaning there's almost no cost involved (other than 'time').
      3) NAT doesn't require renumbering existing services.
      4) NAT allows conservation of IPV4 at a corporate level; a /20 can be stretched a LOOOONG with some basic NAT in front of the corporate
    • Why do we need all these freaking IP addresses anyway? I, for one, do *not* want my house, and fridge, or even my home PC for that matter, connected directly to the web. I have to deal with enogh virii and trojans and crap as it is, without worrying about if the OS on my fridge is updated with the latest patch to fix the buffer overflow on the mayonaise level access port.

      What is wrong with having to go through a VPN login procedure to access these types of services? Whats the big deal? You log into the NAT
      • Because your recommended solution is a patch for the problem. So what if you don't want it, maybe I do want a public IP address for a fridge that I want everyone to have access to. Having IPv6 doesn't destroy NATs - you can still do it.

        It's a matter of people saying "but I don't want to change!"
        I'm excited that I could have a chance to reserve a person IP range for myself. I'm excited that the cost of IP addresses would fall because they are no longer a commodity. Why can't we realize that this gives
  • "IPv4 loyalists" (Score:5, Insightful)

    by FirienFirien ( 857374 ) on Thursday November 10, 2005 @12:57PM (#13999377) Homepage
    What are the chances that the term "IPv4 loyalists" includes those who just have no reason to make the effort to shift to the new system? Considering the number of [people, admins, even that amusing case where MS didn't patch its own servers] who don't even download security patches - the shift to a parallel system while the old system still works fine just isn't going to happen in droves.
    • by Phisbut ( 761268 ) on Thursday November 10, 2005 @02:07PM (#14000250)
      the shift to a parallel system while the old system still works fine just isn't going to happen in droves.

      The real question though is "Do we really want to wait until the old system finally breaks and nothing works anymore before making the change?". The old system still works, but we know it won't work forever, and we know we need to change it. Why wait till it breaks?

      (Obligatory car analogy) When you put gas in your car, there's still gas left in it, so it can still work. Yet you don't wait till you go dry to put some more gas in.

    • Re:"IPv4 loyalists" (Score:5, Interesting)

      by jd ( 1658 ) <imipakNO@SPAMyahoo.com> on Thursday November 10, 2005 @02:24PM (#14000457) Homepage Journal
      Define "no reason".
      • Security: IPv6 mandates IPSec (which encrypts ALL streams, ALL of the time, so contextual information can't be used for cracking as it can with SSH or SSL streams, which are generally only used for specific segments of a transaction).
      • Authentication: X.509 within IPSec and the use of Extended Authentication protocols in IPv6 guarantee that all endpoints are who they say they are.
      • Fragmented Packets: Firewalls don't handle fragmented packets well, as there is no header to check for later fragments. Fragmenting and re-assembly also adds latency. IPv6 defines per-connection MTUs, guaranteeing ALL packets are the largest supported between any two endpoints without fragmentation.
      • Latency: IPv6 headers don't have as many entries and are heirarchical, which makes routing much faster and much simpler. The lack of fragmentation and the presence of auto-MTU also helps.
      • Multicasting: IPv6 mandates multicasting and has a decent range of addresses for it.
      • Anycasting: IPv6 mandates service location and resource location abilities, which means no more hunting for printers, routers, DNS servers, SMTP servers, POP/IMAP servers...
      • Autoconfiguration: IPv6 uses autoconfiguration for routing and addressing as a standard, in a manner (almost) guaranteed to be free of conflicts and absolutely guaranteed to be fully scalable.
      • Mobility: IPv6 mandates the ability for nodes or even entire networks to be totally mobile (ie: switch upstream routers without losing connectivity or existing connections) with upstream optimization of routing.
      • Advanced Headers: IPv6 allows an arbritary number of extended headers to be attached to packets, with controlled responses for unknown extended headers.
      • High Availability: IPv4's High Availability mechanisms require a lot of fancy manoevering, because the MAC address (used by switches) and the IP address (used by remote systems) are dissociated and ALL parties to a type of data have to agree on the failover for it to work. Hotswapping is extremely difficult and even hot standby is hard enough to be uncommon. IPv6 strongly couples MAC and IP addresses, both for autoconfiguration and mobility, allowing instantaneous, lossless failover with very minimal complexity or overhead and no patent problem.
      • Tunneling: There is no agreed method of tunneling in IPv4 and the de-facto method (GRE) is detested by many network admins. IPv6-over-IPv6 is to be a universal standard.
      • Clusters: Infiniband cooperates well with IPv6, making it possible for nodes within a cluster to directly access IP-based resources. Infiniband requires capabilities that are not guaranteed present in IPv4 stacks or IPv4 networks (such as multicasting) which means Infiniband cannot reliably treat IPv4 networks as extensions.
      • Reachability: IPv6 can reach all IPv4 nodes, with only trivial conversion to make allowance for the different header structure and the lack of intelligence in IPv4 networks, so any client-only machine or network could be converted tomorrow without anyone noticing. Small numbers of IPv6 machines can be exposed to IPv4, making it possible to have DMZ servers on an IPv6 network visible to IPv4, so any server could be converted tomorrow without anyone noticing. The backbone could be left as long as you like. Because IPv6-over-IPv4 is also defined, if both servers and clients are IPv6 then the backbone could be ignored forever without significant impact.

      All told, I'm not convinced that there are that many people who genuinely have "no reason" to shift to the new system. All I am convinced of, so far, is that there are plenty of people who have absolutely no reasons at all but plenty of excuses. Let's look at something, here. Say Comcast converted its entire cable network to IPv6, would you care or even notice? Probably not. Their routers hide their network from your computers, so your computers wouldn't see the difference. It would be

        • Security: IPv6 mandates IPSec (which encrypts ALL streams, ALL of the time, so contextual information can't be used for cracking as it can with SSH or SSL streams, which are generally only used for specific segments of a transaction).

          Overrated. IPv6 mandates IPSec support, but it's still an overengineered protocol that's a bitch to configure. Works okay for VPN-like scenarios, but will never work with random hosts you've never talked to before.

        • Authentication: X.509 within IPSec and the use of

  • is well ahead of adoption in this market so everyone is deferring.

    Maybe it will be IPv7 by the time it's adopted.

    Better yet, why not name it IPv2005, so everyone will have to take it up by the end of the year lest they be left behind? Sure sounds better than IPvXP or IPvVista, doesn't it?

  • IPv6, I'm sure, will eventually be implemented however it's going to be a very slow process. The average person doesn't want to replace their routers etc. because all they want is simple Internet access to browse a few web sites (online banking etc.) and send email. Most of these people are not interested in upgrading because it costs money and also is a pain in the ass for them to take time out of their lives to do so. From the perspective of the average Joe, it's the "If it's not broke why fix it" synd
  • by Nom du Keyboard ( 633989 ) on Thursday November 10, 2005 @01:00PM (#13999423)
    One reason alone is enough to make IPv6 a "good idea." Permanent static IP addresses for everything.

    I, for one, will welcome the end of the NAT kludge.

    • One reason alone is enough to make IPv6 a "good idea." Permanent static IP addresses for everything.
      I, for one, will welcome the end of the NAT kludge.

      And your ISP will charge you for each Address you use!
      NAT let's you use ONE IP from you ISP and have as many Internal IPs as you which without being gouged.
      • So does NAT not function with IPv6?

      • And your ISP will charge you for each Address you use!
        In a scheme where there are enough available addresses to give one to every grain of sand, the laws of supply and demand suggest that the value of each IP address will approach zero.
        • the laws of supply and demand suggest that the value of each IP address will approach zero.
          Except that the "laws" aren't laws at all and are in fact closer to myth. The supply of an item does not determine its price. The price people are willing to pay determines its price.
    • One reason alone is enough to make IPv6 a "good idea." Permanent static IP addresses for everything.

      You know that one of the working assumptions of IPv6 is that your ISP can change your netblock prefix at any time, right?

    • Reasons to use NAT (Score:2, Insightful)

      by jhines ( 82154 )
      As this was discussed on /. a bit ago, the best reason for NAT is to create islands of IP addresses for your network, otherwise you have to renumber everything when you change service providers. Multiple service providers is another problem.

      Even if the cable and dsl companies all switched over to IP6, and there were $50 routers and switches available, there is still reason to use NAT.
  • Market Forces (Score:5, Insightful)

    by bizitch ( 546406 ) on Thursday November 10, 2005 @01:01PM (#13999435) Homepage
    Just like anything else, market forces will dictate when this gets adopted.

    Are we really running out of IPv4 numbers? The market will tell us.

    Is there a killer app for IPv6? The market will tell us.

    Can we ram IPv6 down everyone's throat? The market will retailiate and hit back.

    BTW - what's with this "wont somebody please think of the children" bullshit about? If we need to get to IPv6 - we'll get to it - relax already!
    • by DoctorNathaniel ( 459436 ) <nathaniel.taggNO@SPAMgmail.com> on Thursday November 10, 2005 @01:27PM (#13999759) Homepage
      "The death of IPv4 has not really killed the Internet. In fact, far from it, we've managed to make an industry around it."

      In other words, by keeping IPv4, we can sell NAT boxes (which we're already selling in huge numbers.. the wireless network hub in my den is a prime example.) Cisco has a big investment in building hardware to take care of IP space limitiations.

      "You will still be able to get addresses, if you pay for them, because a market will appear."

      In other words, this damned internet isn't making us enough money, because IP addresses are free. We want people to start trading them, so we can get commissions on the sales.

      It's clear that this is "good buisiness" for the big internet companies: why invest in a new system that will make users's lives cheaper and easier when we can continue to sell patches on the old stuff, and make a market so that we can start charging the freeloaders?

      It's also clear to me that the only way IPv6 will get adopted is if public bodies start using them and demanding their use. For instance, if Internet2, the US military, or all of .gov start adopting, then it will get off the ground. Of course, this is unlikely to happen because Cisco doesn't sell IPv6 switches.

      I'm no expert, but to my cynical eye it looks not like market forces, but like the usual problems with capitalism exploiting a local maximum and avoiding short-term risk.

      ----Nathaniel
      • Patents (Score:3, Informative)

        by Alan Cox ( 27532 )
        Its all horribly horribly simple. No large investor or large vendor wishes IPv6 to happen in the mainstream until all the bogus submarine patents filed around it have expired. Until then its not in the interest of Microsoft, Cisco or anyone else to ship large amounts of IPv6 and get shot at.

        Nobody will say that in public because the US doesn't like industries apparently conspiring together against a patent holder but you will hear it in private.
    • Re:Market Forces (Score:3, Informative)

      by tenchiken ( 22661 )
      A few things to remember, this isn't the first time that technical purists have tried to change the underlying protocol for the internet for logistical reasons. The first Attempt [wikipedia.org] at replacing TCP/IP internet wide was far more braindead then IPv6 (packet size of 53 bytes? Yeah, let's ship everything around in a packet size that not only is not a power of two, it's a large prime number! Oh and for traffic control, let's just drop everything into a leaky bucket!)

      However, it's been clear ever since IPv6 was i
  • I for one welcome our new IPv6 overlords!

    Nobody likes to do an IP renumbering, but why forego progress to preserve the status quo? We already use IPv6 for internal stuff, but since there's little adoption, it isn't more than a novelty. I hope that with the explosion of embedded systems, we'll start to see more folks interested in adopting IPv6.
  • by CDPatten ( 907182 ) on Thursday November 10, 2005 @01:04PM (#13999461) Homepage
    Windows Vista will make IPv6 the protocol of choice. You can bind IPv4 and IPv6 in different orders on the NIC and it will enable great support for the protocol. They are even talking about having it running as part of the default install.

    MS is developing Vista to enable programmers to push Home Automation. One thing they are doing is adding in that area is the functionality for IP's to securely be handled like a plug and play device. This isn't for printers on a network; it's for all the appliances in your house. IPv4 just doesn't work well for home automation. Also another sign is the majority of GE prototypes all are geared towards IPv6 not IPv4.

    The regional specs that come with IPv6 are also huge things for MSN, Google, and Yahoo. It will allow your search (and Ads for that matter) results for a "pizza place" to give you the ones in your area without any additional info.

    Vista will start the ball rolling, and the other two items will make the transition come very quickly. Security is also nice, and will help stop allot of traditional hacking, but the end user doesn't get excited about that. They will get excited about the other stuff though.

    Two years from now we will start to see IPv6 becoming very common.

  • by Snarfangel ( 203258 ) on Thursday November 10, 2005 @01:07PM (#13999509) Homepage
    There are plenty of addresses in northern Alaska that aren't being used. "Peak IPv4" indeed.
  • by wayne ( 1579 ) <wayne@schlitt.net> on Thursday November 10, 2005 @01:08PM (#13999525) Homepage Journal
    Geoff Huston is the one mentioned in this article that IPv4 address exhaustion isn't a problem. It isn't a problem because scares IP addresses lets ISP charge more. I'm not sure that consumers would agree with this logic.

    In July 2003, Geoff said that IPv4 addresses will run out in two decades [potaroo.net].

    About two years later, Goeff says that IPv4 addresses will run out in just one decade [potaroo.net].

    So, if even very anti-IPv6 folks are saying that IPv4 addresses will run out sooner than expected, I think it is time to start preparing to the conversion.

  • Correct me if I'm wrong, but isn't NAT and the separation of networks a good thing, security wise? (Obviously there are other measures needed, but it plays a part..) Even if we had IP6 it seems we'd still want DMZs and the like. Maybe I'm getting the wrong impression from the articles, but it seems like they're emphasizing everyone being able to have an IP address on a common network essentially - instead of the Internet being a network connecting a bunch of private networks. I don't know about you, but
    • by hpa ( 7948 )
      NAT and firewalling are completely separate things. Since they're done at network boundaries, they are usually combined in one device, but they don't have to be.


      NAT is a pretty bad thing. Unfortunately the IPv6 people haven't considered the requirements for managing that large of an address space except by hierarchy (which breaks as soon as you want to have a backup link to another ISP), so I fear we'll still have to have NAT in an IPv6 world.

    • this point keeps being brought up over and over agian here. NAT devices are not firewalls NAT destroys the end-to-end connectivity, its just a kludge on kludge to allow limited protocol transparency - not a solution -
  • ... next week. In theory under IPv6 we can be less protective with IP address space, and give the UN and Europeans some portion of it to manage in whatever way they see fit. I doubt anybody present will be thinking beyond the raw policy issues sadly.
  • IPv4 will likely remain around for quite some time until there is a sudden demand for new (globally accessable) IP addresses. If there is a sudden spike in the demand for IP addresses then it is likely that some companies will choose to adopt IPv6 instead of opting for a stopgap measure that may not save the day for very long.

    The question people should ask is what type of device/application will emerge such that everyone wants a new global IP address (or 10)? Consider that if it were not for email and por
  • I think because ip v6 is too strict when it comes to accountability is what is keeping it from being popular. Why? because all processes including economies need a lubricant to keep this process running smoothly. Corruption is the economies lubricant, while too much make the economy slide into oblivian, too little will grind the economy into a standstill. The proper answer for a healthy economy is balance between corruption and accountability. Any law or technology that will disturb the balance either way w
  • Internet Protocol Version 6 is a backwards-compatible replacement for the current Internet protocol

    Is this true? I was under the impression that the compatibility more or less ended at the socket API. Is the v4 address space actually mapped in to the v6 address space now so that hosts with v4 addresses are automatically capable of talking v6 if there is a v6 path?

    No? That's what I thought. No, you have to go buy (cha-ching) seperate v6 space a number all your servers and routers with two seperate addresses,
  • calum@www1 calum $ ping6 www.slashdot.org
    unknown host
    calum@www1 calum $
    Cmon, Slashdot. insmod ipv6.o
  • by kasparov ( 105041 ) * on Thursday November 10, 2005 @01:17PM (#13999631)
    Anyone who has to deal with SIP absolutely hates NAT. SIP [faqs.org] is a VoIP protocol that is pretty much where everything is headed. Some instant messenger clients/servers even use it. And it is most definitely not NAT-friendly. In SIP, the call setup information and the media can travel differnt paths. This means that endpoints can comunicate directly without having to send media through a central location. Since the SIP message contains a description of what ports to expect the audio to arrive on in the body of the packet, NAT boxes will generally block the media coming from the other device. 90% of the problems that VoIP providers end up having to deal with is NAT-related.

    You have to go to all kinds of lengths (using special session border controllers, media proxies, etc.) to be able to support SIP calls where one or both parties are behind a NAT. It is awful. NAT is a hack--a useful one in certain situations, but still a hack.

  • Two big issues (Score:3, Insightful)

    by augustz ( 18082 ) on Thursday November 10, 2005 @01:17PM (#13999633)
    One is, despite the claims that IPv4 will run out in the next "x" years and companies will be screwed, that never happens.

    Worst case, folks will figure out how to get by on 1-2 ip addresses, or pay more than the $1/month or so to get an extra. There are TONS of unused, unrouted addresses out there through the entire hierarchy, from subnets, class b's etc.

    Second, IPv6 and you can what? If I run IPv6 only, I need to at some point tunnel to IPv4 (and often get an IPv4 address anyways) to connect to the rest of the net. If I run just IPv4, I can connect to everything, and the first person who develops google that is IPv6 ONLY is going to have very few users.

    In other words, the business case is flat out not there.

    Also, I never understood why IPv4 wasn't just a subset of IPv6? Why can't my existing IPv4 addresses also be IPv6 addresses with a standard prefix? Maybe this has changed, but when IPv6 came out it looked like that wasn't part of it.

    If my address was a subset, my ISP could create IPv6 endpoints for my address along with the IPv4 routing, even if I hadn't upgraded. They'd just strip the prefix and forward to me.

    • Re:Two big issues (Score:3, Informative)

      by hpa ( 7948 )

      Also, I never understood why IPv4 wasn't just a subset of IPv6? Why can't my existing IPv4 addresses also be IPv6 addresses with a standard prefix? Maybe this has changed, but when IPv6 came out it looked like that wasn't part of it.

      They are, the prefix is ffff::/96. In addition, there is 6to4, which lets you use your IPv4 address as a 48-bit IPv6 prefix, 2002:<IPv4 address>/48.

      The problem is... who will deploy the first IPv4-unreachable Internet service?

  • "No one is running IPv6, because there is no business case for it ." says a senior Internet research scientist from Asia Pacific Network Information Centre (Apnic)

    Oddly enough, I've just recently flat out banned large portions of APNIC from signing up with my email service because I've gotten so many spammers from there ... coincidence? Maybe. In all my dealings regarding spam, they just seem ass-backwards over there.

  • by netrangerrr ( 455862 ) on Thursday November 10, 2005 @01:18PM (#13999659) Homepage
    At Tuesday's IETF meeting in Vancouver the vote for consensus was many for and none against elevating the IPv6 Protocol Standards from "draft Standard" to "Internet Standard" and make them part of the everyday production Internet. The IPv6 WG is even shutting down as it has accomplished its mission and designed a good working protcol. The wired and wireless networks provided for the engineers at the IETF is running IPv6 and we are regularly using it to get information from our working group colloboration sites like: www.v6ops.euro6ix.net/

    Don't fear, the IETF V6 Operations (V6OPS) team and the IPv6 Forum will continue work to better clarify how to deploy IPv6 and to help build new network services around the new features. Most of the new network services groups in the IETF are basing new services on the features of IPv6 - early examples are Mobile IPv6 (MIPv6) and Network Mobility (NEMO) both of which are being extended to offer IPv4 access through IPv6 tunnels in order to get IPv4 native service through IPv4 NAT.

    If you actually have useful comments or design alternatives for IPv6, bring it up in IETF working group mailing lists [http://www.ietf.org/html.charters/wg-dir.html%5D [ietf.org]. If you don't understand because of FUD, please read up on our North American IPv6 Task Force website website [ www.nav6tf.org/ ] or the similar European/Asian sites.
  • by Mantrid ( 250133 )
    Yeah because protocols are what we'll be remembered for!
  • by Whafro ( 193881 ) on Thursday November 10, 2005 @01:33PM (#13999836) Homepage
    Even my stupid IT Director thinks that IPv4 is sufficient...what a loser.
  • The Real Truth (Score:5, Interesting)

    by Nom du Keyboard ( 633989 ) on Thursday November 10, 2005 @01:36PM (#13999879)
    The real truth is that IPv4 addresses currently have value due to scarcity. An IPv4 address range has a tangible value that can be sold, rented, leased, or hoarded. With essentially unlimited IPv6 addresses the value of IPv4 address space loses virtually all of its value, static IP addresses shouldn't command any premium anymore, and the barrier for entry of new ISP's is diminished. Certainly the current power structure likes things just as they are.

    "We happen to work in an industry that survives on complexity, address scarcity and insecurity," Geoff Huston, senior Internet research scientist at Apnic, said. "This is where the margins come from, and we are not innovators in this industry any more. We've learnt that optimism doesn't create a business case. All those people disappeared along with the dotcom boom," he said.

    That is a stupid statement. It would be more accurate to say either "limps along" or "thrives" instead of "survives" in this context. The steam engine industry undoubtedly felt the same way about the internal combustion engine when it was first proposed.

    Of course, Ipv6 isn't enough. It's not enough until every atom in the Universe can have it's own unique IP address, after which we can discuss the strings that create them.

  • by slappyjack ( 196918 ) <slappyjack@gmail.com> on Thursday November 10, 2005 @01:54PM (#14000082) Homepage Journal
    IPv6 vs. NAT
    These are two distinctly different things. Nat takes one public IP address and translates it to many private IP addresses. THese are not two competing technologies, and you can use NAT with an IPv6 address. In reality, there isnt a debate here. Its a weak argument for those that want to keep things whe way they are.

    IPv4 addresses an a commodity
    Greedy Fuckers. Pure and simple. The basic interenet and all its various little noodly bits were created but university and governmetn organizations and then just loosed on the planet essentially for free. Yes, you had to buy some hardware to use it, but the shit works without you having to pay for a damn thing but your connection.

    I have nothing against the idea of capitalism where you get paid for something you create, but hoarding a commodity that is out there for the collective good as a whole is just shitty. In very few cases is there a justification for the belief that "I must make ALL of the MONEY and IT MUST HAPPEN RIGHT NOW and YOU CANNOT HAVE ANY."

    As an added bonus, this sort of behavior helps keep the "have nots" in the "have not" category, which just generally pisses them off unnecessarialy.

    needing a publically available address
    No, obviously we all do not have to have public IP addresses - not yet, anyway. Saying you don't now or never will shows a pretty big lack of foresight. You don't KNOW that there wont be an application that needs publically available addresses to work well andd that NAT just won't cut it. Why don't you know? Becuase someone will eventually come up with sommehting new, and it'll be good and important. People always do, eventually.

    I realize that if you really wanted to have everything you own connected to the internet you could just use NAT and then if you wanted to talk to your refridgerator you sould just use "the fridge port" but its adding a level of complexity that could possibly get in the way of something on down the line.

    This would slow down address scanning worms, neh?
    if a worm's gotta look at giant chunks of addresses to find other victims, wouldnt this just slow down their epread a little?

    then again, what the fuck do i know?
  • "The IPv6 Mess" (Score:3, Informative)

    by Flwyd ( 607088 ) on Thursday November 10, 2005 @03:02PM (#14000959) Homepage
    IPv6 fans ought to read D.J. Bernstein's excellent article on the subject [cr.yp.to]. In short, the main problem is that the two protocols aren't easily interoperable, so investment in IPv6 infrastructure is without short-term return.

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...